Fujitsu Finds Potential Risks of Enterprise
February 26, 2019
Fujitsu noted development of technology that can comprehensively detect, in advance, risks associated with smart contracts, which are programs that automatically execute transactions on blockchain platforms. The technology also locates relevant risks in the smart contracts.
Blockchain technology, which was developed as the foundation for Bitcoin, is expected to have applications in a variety of fields beyond finance, including real estate and healthcare. Nevertheless, if smart contracts have risks, it would directly lead to business losses, so it is an important research issue to improve the reliability of blockchain system. Now, Fujitsu Research and Development Center and Fujitsu Laboratories have developed algorithms to identify risk-affected transaction process on Hyperledger Fabric (*3), which is one of the execution platforms of blockchain application, using source code analysis technology. Using these algorithms, they have developed technology that can comprehensively detect 13 types of risks in smart contracts(Fig.1), which have the potential to be overlooked in a manual review, and can then locate relevant risks in the smart contracts.
Details of this technology will be announced at the International Workshop on Blockchain Oriented Software Engineering 2019 (IWBOSE 2019), an international conference that to be held in Hangzhou, China on February 24 (Sunday).
【 Development Background 】
Blockchain technology can ensure that, even without a trusted third-party intermediary, data will not be altered, and is expected to have applications not only in the field of finance, but also in securities management, real estate registration, healthcare, and electronic government.
Blockchain offers functionality to automatically check and execute smart contracts, which are implemented as source codes. Because smart contracts are copied to multiple locations and executed in a distributed manner, once a contract has been executed, it cannot easily be stopped, and it cannot be revised even if risks are found in the smart contract. In fact, there has been an incident in which, because a smart contract to create an automatic investment trust application on a blockchain was flawed, a huge amount of capital was improperly transferred.
【 Issues 】
In Hyperledger Fabric, which is one of execution platforms of blockchain applications, the risk of smart contract is classified into 13 types (Fig.1). But previous technologies to detect smart contract risks in advance were unable to detect all of the different types. For example, when writing based on the read value, there is a possibility that the value may not be reflected correctly, since it might be altered by other concurrent transactions. Previous technologies could not detect such risks as they do not consider such context.
【 About the Newly Developed Technology 】
Now, Fujitsu Research and Development Center and Fujitsu Laboratories have now developed algorithms to automatically detect risks in smart contracts for Hyperledger Fabric that could not previously be detected (Fig.2).